TThree years ago, a Florida man named JL decided on a whim to send a tube of his saliva to genetic testing site 23andMe in exchange for an ancestry report. JL Kano, like millions of his 23andMe participants before him, says he was often asked about his ethnicity and sought deeper insight into his identity. He said he was surprised by the variety of test results that showed he was of Ashkenazi Jewish heritage.
JL said he didn’t think much of the consequences until he learned that his company had suffered a major breach, exposing the data of nearly 7 million people, about half of the company’s customers. To make matters worse, he later learns of a hacker operating under the pseudonym “Golem”. Offered to sell name, address, genetic heritage There are reportedly 1 million 23andMe customers of similar Ashkenazi Jewish heritage on the shadowy Dark Web forum. Suddenly, JL worries that his rash decision to catalog his genes will put him and his family at risk.
“I didn’t know that my family could be targeted,” he said. “What I did out of curiosity may have put my family and myself at risk.”
JL, who asked to be identified only by his initials due to ongoing privacy concerns, is one of two plaintiffs in a recent class action lawsuit filed against 23andMe in California. The plaintiffs allege that the company failed to properly notify users who were allegedly of Jewish and Chinese descent. The complaint alleges that the hackers placed these users on a “specially curated list” that may have been sold to individuals seeking to cause harm.
23andMe has since confirmed that hackers accessed 14,000 user accounts over a five-month period last year, including several Revealed detailed and sensitive reports about users’ health.The company details the exact type of data stolen in the months-long breach in January data Violation Notice Letter Sent to California’s attorney general early last month. The hackers accessed users’ “uninterrupted raw genotype data” and other highly sensitive information such as health predisposition reports and career status reports gleaned from the processing of users’ genetic information. To make matters worse, 23andMe confirmed that the thieves also accessed the personal information of up to 5.5 million other people who opted in to the feature that allows them to find and connect with genetic relatives.
Source: www.theguardian.com